Government agencies will soon be able to replace the familiar Personal Identity Verification card with a smartphone equipped with a secure chip, two vendors say.
A derived credential, so-called because it is a cryptographic key derived from a PIV smartcard, can be stored on a mobile device if it is equipped with a secure chip, states a release from mobility security specialists MobileIron and card purveyors Entrust Datacard.
Federal departments, which have to comply with a series of legal requirements for identity management and access control, will be able to meet their obligations without requiring special hardware or tokens, the release states.
“Government agencies have been waiting for years to use derived credentials and we’re pleased to be the first … to bring a solution to market,” said Barry Mainz, president and CEO of MobileIron.
“Our mobile based, derived credential offering will enable a more productive workforce, while offering the highest levels of security to protect what is most important,” added Ryan Zlockie, vice president of authentication solutions for Entrust Datacard.
NIST unveiled standards for derived credentials last June and several agencies have piloted solutions since.